You can create a local FTP account "root" with nothing in it and select the Xlight user option “Bypass the external authentication for this user” from – – for this account. Port scanner normally uses a particular account such as "root" to break into your server. If you don't want those logins being forwarded to Active Directory, you might be able to do something. That could be the source of above error message. If those logins are forwarded to Active Directory, it could trigger Xlight FTP server to prevent those IPs from hammering Active Directory. Port scanner will try to login(break into) your server and could generate a lot of failed logins for short time. If you open the server port to public internet, there are hackers looking for new victims to exploit using port scanner. So Xlight FTP Server has an internal protection mechanism to prevent this from happening, which is the error message that you see in Xlight error log. When this happened, you have to restart Xlight service to unblock it, which is undesirable. If in a short period of time, there are many failed login attempts to Active Directory from Xlight program, Active Directory will think that Xlight FTP program is hammering it and will block Xlight FTP program from accessing it. When Xlight FTP Server is configured to use Active Directory to authenticate user. "IP had made over 6 failed logins in the past 60 seconds, server will automatically ban this IP for 600 seconds to prevent from being lockout by Active Directory for hammering." I see this in Xlight error log, what happened?
0 kommentar(er)
